wetech-cms The new user role management module has a stored XSS vulnerability

The new user role management module has a stored XSS vulnerability

Open unafraid-fearless opened this issue 8 months ago • 0 comments

Interface location entry：http://{IP}:8081/wetech_web/admin/role/add.do，payload:<p/onMouseoVer=confirm7>4 ==> %3Cp%2FonMouseoVer%3Dconfirm%607%60%3E4

payload：

Jun 05 '24 04:06 unafraid-fearless

wetech-cms wetech-cms copied to clipboard

The new user role management module has a stored XSS vulnerability

wetech-cms
wetech-cms copied to clipboard